User Tools

Site Tools


command

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
command [2015/03/20 10:23]
NamJungGu
command [2015/03/20 14:06] (current)
NamJungGu
Line 75: Line 75:
   * Lookup을 이용해서 Replace를 확장해서 사용하면 유리함.   * Lookup을 이용해서 Replace를 확장해서 사용하면 유리함.
   * toTest : <​nowiki>​splunk search '​index=appmgmt|head 100|eval time=_time|table time|eval TIME=strftime(_time,"​%Y년%m월%d %H:​%M:​%s"​)|eval TIME2=strftime(time,"​%Y년%m월%d %H:​%M:​%s.%3N"​)'</​nowiki>​   * toTest : <​nowiki>​splunk search '​index=appmgmt|head 100|eval time=_time|table time|eval TIME=strftime(_time,"​%Y년%m월%d %H:​%M:​%s"​)|eval TIME2=strftime(time,"​%Y년%m월%d %H:​%M:​%s.%3N"​)'</​nowiki>​
 +
 +====== Examples ======
 +* <​nowiki>​sourcetype=acc* action=* |fields action,​clientip</​nowiki>​
 +* <​nowiki>​sourcetype=acc* action=* |fields action,​clientip |top clientip action</​nowiki>​
 +
 +
command.txt · Last modified: 2015/03/20 14:06 by NamJungGu